A. Field of the invention
The invention relates to a method for executing an application which comprises executable native or interpretable code and calls functions of an operating system, whereby the operating system transmits a result of a respective function call to the application. The invention further relates to a portable data carrier, in particular a chip card or a security module.
B. Related Art
In the area of chip cards so-called error-inducing attacks are known, which manipulate the program sequence or the memory content of a memory of the chip card. For example upon an attack it can be attempted with the aid of the differential fault analysis (DFA) to spy out secret keys by selectively interspersing erroneous computations. With the aid of a light attack it is attempted to change a security status of the chip card in a targeted fashion, to read out secret data which otherwise would be readable only upon the presence of an authentication. Against such attacks various defense mechanisms were developed, which are based on both software measures and hardware measures. Here the attack detection is regularly effected by an operating system of the chip card or by the functions of the operating system which can be called by applications on the chip card.
In a portable data carrier with an application calling functions of an operating system and containing executable native or interpretable code, the result of the function call can be falsified by an attack, for example a light attack, without it being possible for the application to detect the falsification.